CVE-2006-4652

Name of the Vulnerable Software and Affected Versions Amazing Little Poll versions (affected versions not specified) Amazing Little Picture Poll versions (affected versions not specified)

Description The issue concerns default passwords in the software, allowing remote attackers to create new polls by entering these default credentials. Specifically, the default password "dsapoll" can be used to access the system via the lp admin.php endpoint, enabling unauthorized creation of polls.

Recommendations For Amazing Little Poll, change the default password "dsapoll" to a unique and secure password. For Amazing Little Picture Poll, change the default password "dsapoll" to a unique and secure password. As a temporary workaround, consider restricting access to the lp admin.php endpoint until secure passwords are implemented.